Cici’s Breach – Fraud.org

The fast food pizza buffet chain, Cici’s, has announced that their point-of-sales systems have been compromised. The breach, which affected 140 of their 450 restaurants from June 2015 through July 2016, is believed to have compromised more than 600,000 payment cards.

Announced: July 19, 2016

Description of the breach: The majority of Cici’s restaurants’ point-of-sale (POS) systems were compromised between March and July of 2016. However, several Cici’s stores had their POS systems hacked as far back as 2015.  

Although the breach has now been contained and all malware has been removed from Cici’s POS systems, customers are being asked to check if their local restaurant was one of the 160 restaurants that were affected by the breach. Customers may search the full list of compromised Cici’s locations by clicking here. Customers who shopped at affected locations are being urged to carefully monitor their credit or debit statements for fraudulent activity and to consider placing a fraud alert or credit freeze on their account. Placing a fraud alert on your account requires creditors to take extra steps to verify your identity before granting credit in your name. A credit freeze prevents any access to your credit until the freeze is lifted. To place a fraud alert or credit freeze on your credit, contact one of the the three major creditors below:

• Equifax: 800-525-6285

• Experian: 888-397-3742

• TransUnion: 800-680-7289

Data breach period: June 2015 – July 2016

Official information from Cici’s: https://www.cicis.com/news/data-notification-all

Full list of affected Cici’s locations: https://www.cicis.com/media/1328/by-statev2.pdf

Contact Cici’s: 877-220-1388

More coverage of this breach: Krebs on Security and Security Week